What are the Terminologies used for Blockchain Identity Management Schemes?

Specialized terminology is used for blockchain-based identity management schemes. Unfortunately, the terminology is not always consistent among the various projects and standards. Further complicating matters is that some domain-specific terms are related to identity management in general while others are specific to blockchain identity management.

• Claim: A characteristic or statement about a subject made by an issuer as part of a credential.
• Credential: A set of one or more claims made by an issuer. A credential is associated with an identifier.
• Custodian: An entity acting on behalf of another entity with respect to their identifiers and/or credentials.
• Entity: A person, organization, or thing.
• Holder: A custodian holding a credential on behalf of a subject.
• Identifier: A blockchain address or other pseudonym that is associated with an entity.
• Issuer: An entity that issues a credential about a subject on behalf of a requester and owns one or more identifiers.
• Presentation: Information derived from one or more credentials that a subject discloses to a verifier (working on behalf of some relying party) to communicate some quality about a subject.
• Relying Party: An entity that receives information about a subject from a verifier.
• Requester: An entity that makes a request to an issuer to issue a credential about a subject.
• Subject: An entity that acts as a regular participant in a given identity management system and owns one or more identifiers.
• System Owner: An entity that owns a given identity management system.
• Verifier: An entity that verifies the validity of a presentation on behalf of a relying party.

Blockchain-based Identity Management Roles and Object Relationships: 

With this terminology, we can identify the common roles that occur in blockchain-based IDMSs and the relationships between these roles. We can also identify common objects found in these systems and the relationships between those objects.

Below Figure provides a high-level overview of the identity management roles.

• Requesters, Issuers, and Subjects are involved in credential issuance.
• Subjects, Verifiers, and Relying Parties are involved in presentation disclosure.
• Requesters ask for the issuance of a credential from Issuers. Issuers provide credentials to Subjects.
• Subjects reveal presentations to Verifiers.
• Verifiers verify presentations on behalf of Relying Parties.

Note that these roles are not exclusive. For instance, a subject and an issuer can both take the requester role, or a subject and a verifier can both be a relying party. Depending on the IDMS, the approval of a subject may be required to issue a new credential to that subject.

The next figure provides a high-level overview of the objects that entities interact with in a blockchain IDMS. The figure shows that entities can have one or more identifiers, that identifiers are associated with one or more credentials, and that presentations are derived from credentials.